Report: Bots and Money Drive Malware Threats

A new report from McAfee says bots and money-making schemes are driving malware expansion as "cybergangs" cooperate on long-term criminal strategies.

McAfee's anti-virus team says that bots are driving an overall increase in malware detected in the second quarter of 2005.

McAfee's AVERT team said it charted a 12 percent increase in the number of new "potentially unwanted programs" (PUPs), a category that includes viruses and worms as well as bots, spyware and adware.

"In just the first and second quarters of 2005, the number of exploited machines using backdoor techniques has increased over 63 percent from the total at the end of 2004," said Vincent Gullotto, vice president of McAfee AVERT in a statement. "This often resulted in spyware and adware being downloaded onto affected systems. Thus spyware has continued to be a major problem. There are four anti-spyware bills working their way through Congress to help tackle this growing problem, but we believe the problem is only going to get worse. Consumers and enterprises are becoming more and more aware of the need for various security technologies to protect their machines and networks."

According to AVERT, the top malicious threats in the second quarter of this year were Exploit-Byteverify, Mydoom, Mytob and Netsky. The company also said there was an increase in Bagle downloaders, which could release as many as eight variants in the duration of a few hours.

The company also reported that the number of bot-related cases increased by 303 percent from Q1 to Q2 2005 (from just over 3,000 cases to just under 13,000).

In addition to new emerging and more harmful threats, McAfee also reported an increase in money making cyber crime schemes:

"According to a recent Gartner report," the company said, "threats are moving toward databases, allowing hackers to gain complete control over a network or a personal computer. In turn, this allows the hacker to hijack confidential and personal information for ransom."

The company said a report it released June 5 of this year "suggests that there is a new hierarchy of cybercriminals, and that each level, from amateur to professional, has different tactics and motives.
The most interesting development in recent years is cyber gangs, who sit at the top of this cybercrime chain. These advanced groups of career criminals and hackers agree to cooperate, plan and execute long term attack strategies that are of little interest to the socially-motivated hacker or script kiddy."

Finally, McAfee said "mobile viruses remain a growing threat," though the statement it released limited itself to proof-of-concept exploits and the discovery of vulnerabilities, not a detailed list of malware found in the wild.